From Wanos Wiki
Revision as of 21:25, 21 July 2014 by Peter.chamula (Talk | contribs)


First, let's check that the wan0 and lan0 interfaces are configured correctly. We can see this in the web interface under "Reports - Networks - Interface statistics", if we know which interface should have more received/transmitted traffic, or we can check directly from the console.

tcpdump -i wan0

For example, if we are connected over SSH from the LAN side, we shouldn't see any SSH packets on the wan0 interface. If we do, we should change it via the web interface: "Reports - Networks - Interface statistics - Switch Interface Port Roles checkbox".

Example of SSH traffic on wan0

root@wanos:~# tcpdump -i wan0
tcpdump: WARNING: lan0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lan0, link-type EN10MB (Ethernet), capture size 65535 bytes
05:12:15.593858 IP 192.168.5.2.ssh > 192.168.5.254.63976: Flags [P.], seq 1361930306:1361930418, ack 4233858220, win 1165, length 112
05:12:15.594880 IP 192.168.5.254.63976 > 192.168.5.2.ssh: Flags [.], ack 112, win 13235, length 0
05:12:15.595633 IP 192.168.5.2.ssh > 192.168.5.254.63976: Flags [P.], seq 112:320, ack 1, win 1165, length 208
05:12:15.596823 IP 192.168.5.2.ssh > 192.168.5.254.63976: Flags [P.], seq 320:720, ack 1, win 1165, length 400
05:12:15.597173 IP 192.168.5.2.ssh > 192.168.5.254.63976: Flags [P.], seq 720:896, ack 1, win 1165, length 176
05:12:15.597518 IP 192.168.5.2.ssh > 192.168.5.254.63976: Flags [P.], seq 896:1072, ack 1, win 1165, length 176
05:12:15.597868 IP 192.168.5.2.ssh > 192.168.5.254.63976: Flags [P.], seq 1072:1248, ack 1, win 1165, length 176

We can now check whether we are sending probes in the TCP Options header.

root@wanos:~# tcpdump -i wan0 -X | grep "4c04 7a69"

If we can see any packets

root@wanos:~# tcpdump -i wan0 -X | grep "4c04 7a69"
tcpdump: WARNING: wan0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wan0, link-type EN10MB (Ethernet), capture size 65535 bytes
        0x0030:  0101 0402 4c04 7a69                      ....L.zi
        0x0030:  0101 0402 4c04 7a69                      ....L.zi
        0x0030:  0101 0402 4c04 7a69                      ....L.zi
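
The grep above only matches when the probe bytes fall on an even offset within one hex-dump line, and it also matches the same bytes in packet payload. The following added example (not part of the original wiki page or the Wanos code) walks the TCP options instead, reading "4c04 7a69" as option kind 0x4c, length 4, data 7a69; the function names and the three test packets are constructed for illustration.

```python
import struct

PROBE_KIND, PROBE_DATA = 0x4C, bytes.fromhex("7a69")  # from the grep pattern "4c04 7a69"

def tcp_options(ip_packet: bytes):
    """Yield (kind, data) for every non-NOP TCP option in a raw IPv4 packet."""
    if len(ip_packet) < 20 or ip_packet[0] >> 4 != 4 or ip_packet[9] != 6:
        return                                   # not IPv4 carrying TCP
    tcp = ip_packet[(ip_packet[0] & 0x0F) * 4:]
    if len(tcp) < 20:
        return
    opts, i = tcp[20:(tcp[12] >> 4) * 4], 0      # options sit between byte 20 and the data offset
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                            # End of Option List
            return
        if kind == 1:                            # NOP is a single byte, no length field
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            return                               # truncated or malformed option
        yield kind, opts[i + 2:i + opts[i + 1]]
        i += opts[i + 1]

def has_probe(ip_packet: bytes) -> bool:
    return any(k == PROBE_KIND and d == PROBE_DATA for k, d in tcp_options(ip_packet))

def grep_like(ip_packet: bytes) -> bool:
    """Mimic grepping tcpdump -X output: 16 bytes per line, printed in 2-byte groups."""
    for off in range(0, len(ip_packet), 16):
        h = ip_packet[off:off + 16].hex()
        if "4c04 7a69" in " ".join(h[j:j + 4] for j in range(0, len(h), 4)):
            return True
    return False

def build(options: bytes, payload: bytes = b"", flags: int = 0x02) -> bytes:
    """Constructed test packet (checksums left at 0, addresses taken from the page's capture)."""
    tcp = struct.pack("!HHIIBBHHH", 63976, 22, 1, 0, ((20 + len(options)) // 4) << 4,
                      flags, 1165, 0, 0) + options + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([192, 168, 5, 254]), bytes([192, 168, 5, 2]))
    return ip + tcp

ALIGNED = build(bytes.fromhex("020405b4010303070101" "04024c047a69"))   # layout seen on the page
SHIFTED = build(bytes.fromhex("014c047a69010101"))                      # same option, odd offset
IN_DATA = build(b"", payload=bytes.fromhex("4c047a69"), flags=0x18)     # bytes in payload only

if __name__ == "__main__":
    for name, pkt in (("aligned", ALIGNED), ("shifted", SHIFTED), ("in-data", IN_DATA)):
        print(f"{name:8} grep={grep_like(pkt)!s:5} parser={has_probe(pkt)}")
```

The shifted packet carries the probe option but the grep misses it, while the in-data packet has no probe option yet the grep matches; the option walk gets both right.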

For a more detailed log, we can dump the traffic to a file and examine it with Wireshark.

tcpdump -i wan0 -s 0 -w dump.pcap

For a TCP SYN packet, we should see "Riverbed probe" under Options.